VR Systems

Tag Archive

A long-awaited report this week from the Department of Homeland Security found security problems with the computer systems that a North Carolina county used to handle voter data during the 2016 election — but no evidence that Russian hackers had breached them. Still, the review is unlikely to totally resolve questions surrounding the county’s use of software provided by the Florida company VR Systems, which — as POLITICO reported last week — have added to broader doubts about the security of election technology that Americans will use at the polls in 2020. Experts contacted by POLITICO said the new DHS analysis has its share of holes — for instance, failing to examine all the computer systems the Russians could have targeted. And they noted that officials in Durham County, N.C., had waited until about a week after Election Day to preserve some potentially important evidence. “I think [the investigation is] incomplete,” says Jake Williams a former NSA hacker who is founder of the security firm Rendition Infosec and trains forensic analysts. “It’s the best investigation that can be conducted under the circumstances. We can’t investigate what we don’t have, [and] a lot of the crucial evidence is missing.” Among other security issues, the heavily redacted DHS report indicates that someone had used a “high value” desktop computer handling Durham County’s voter-registration data to access a personal Gmail account on Election Day. The report provides a lengthy list of suggestions — all blacked out — for how the county can improve the security of its election infrastructure.

A U.S. Department of Homeland Security review found no evidence that hacking caused the 2016 election problems that forced Durham County to shut down electronic poll books on election day, the State Board of Elections said Monday in a joint statement with Durham’s board of elections. The report, months in the making, is “compelling evidence that there were no cyberattacks impacting the 2016 election in Durham,” Durham County Board of Elections Chairman Philip Lehman said in the joint statement. The state released a heavily redacted version of the 12-page report late Monday afternoon. In it, federal cyber security experts say they “did not conclusively identify any threat actor activity,” but that aspects of the state’s election security could be improved. Most of these recommendations are redacted for security reasons, but Lehman said in his statement that the county has already “implemented additional training, security measures and staffing changes” since 2016. State elections director Karen Brinson Bell said the state is working with county boards and the federal government “to improve security at every step in the voting process.”

Florida’s record as a vital swing state made it a target for meddling in the 2016 election when Russians breached two county voting systems and a software vendor and now concerns are being raised about voting security in the state for the 2020 ballot, say election and cyber security experts, federal reports and Democrats. With FBI director Christopher Wray and other intelligence officials predicting more Russian and possibly other foreign interference in the next elections, experts say Florida is again a likely target for Russian hackers, or others bent on disrupting voting, which potentially could alter tallies and create other problems. “Obviously, Florida will be a critical state in 2020 and Florida election officials should assume they will be targeted again,” said Larry Norden, who runs the election reform program at the Brennan Center for Justice. Election security experts are concerned about several potential problem areas, including software that stores sensitive voter registration data, the short timetable for any post-election audits and Florida’s history of voting snafus. Some of Florida’s election problems in 2016 were highlighted in April by special counsel Robert Mueller’s report about Russian interference and in a July Senate intelligence committee study on Russian meddling and election security issues nationwide.

Sens. Amy Klobuchar (D-Minn.) and Jack Reed (D-R.I.) are demanding answers regarding voting equipment malfunctions in North Carolina during the 2016 presidential election, as election security continues to be a contentious topic on Capitol Hill. Klobuchar and Reed sent a letter to acting Homeland Security Secretary Kevin McAleenan late last week asking him to explain the steps taken by the Department of Homeland Security (DHS) to investigate the “unexpected behavior” of voting equipment made by VR Systems during the 2016 election in Durham County, North Carolina. On election day, electronic poll books in this county made by VR Systems malfunctioned, leading the county to switch to paper poll books. It is not clear if this was the result of a cyberattack or a different cause. The letter from the two Democratic senators was sent in the wake of the release of former special counsel Robert Mueller’s report, which concluded that Russian officers “targeted employees of [redacted], a voting technology company that developed software used by numerous U.S. counties to manage voter rolls, and installed malware on the company network.”

The Department of Homeland Security is investigating the equipment—provided by a company allegedly targeted by Russian hackers—used in Durham County during the 2016 election. On Election Day in 2016, certain voting machines malfunctioned by incorrectly telling voters they had already cast their ballot, leading affected polling stations to switch to paper poll books, according to the Washington Post. The equipment also asked some people for photo identification, which was not legally required at the time. This snafu created lengthy delays and led some precincts to extend voting hours. Durham County then tapped the cybersecurity company Protus3 to conduct an investigation into the situation in 2016. The firm concluded that poll workers caused the error for several voters, but it was inconclusive about the other issues and offered ideas for further investigation, leading North Carolina to deem the findings inconclusive.

As 2016′s do-or-die presidential election between Donald Trump and Hillary Clinton drew near, many students at North Carolina Central University, a historically black institution in the city of Durham, couldn’t wait to cast their ballots, to Soar to the Polls, in the name of an early-voting rally staged by campus activists. “These Millennials are not alienated,” Jarvis Hall, an NCCC poli-sci professor, said when the rally was held late that October. “They are engaged, involved and concerned, and they want to draw attention to and take advantage of the early voting.” But those students who instead waited until the fateful Election Day of November 8, 2016, to vote at a campus polling place didn’t soar, but instead came in for a crash landing. Susan Greenhalgh, the executive director of an alliance called the National Election Defense Coalition, was manning a national voting hotline that morning and her phone was ablaze with calls from all over North Carolina and especially from Durham, a Democratic enclave in a purple battleground state.

A pair of Democratic lawmakers penned a letter this week grilling the Federal Bureau of Investigations on the steps it’s taking to investigate and protect American election technology vendors from potential Russian-led cyber-hacking. In a correspondence addressed to FBI director Christopher Wray, Sens. Ron Wyden, D-Ore., and Amy Klobuchar, D-Minn., questioned the bureau’s response to the Russian government’s potential hack of the Florida-based manufacturer of voter-registration software and election pollbooks, VR Systems, during the November 2016 election. The senators reference Special Counsel Robert Mueller’s Report on the Investigation into Russian Interference in the 2016 Presidential Election, highlighting that about three months ahead of the election, Russian GRU officers “targeted employees of [redacted], a voting technology company that developed software used by numerous U.S. counties to manage voter rolls, and installed malware on the company network.”

Sens. Amy Klobuchar (D-Minn.) and Ron Wyden (D-Ore.) are demanding answers from the FBI on its response to Russia attempting to hack voting machine company VR Systems during the 2016 presidential election. The incident was revealed in special counsel Robert Mueller’s report, which said Russia in August 2016 targeted employees of “a voting technology company that developed software used by numerous U.S. counties to manage voter rolls, and installed malware on the company network.” The company wasn’t mentioned in the report, but VR Systems has since been confirmed as the targeted company. In a letter to FBI Director Christopher Wray on Wednesday, Klobuchar and Wyden asked the FBI what steps it took after VR Systems alerted the FBI in August 2016 that it had found suspicious IP addresses on its systems. “VR Systems indicates they did not know that these IP addresses were part of a larger pattern until 2017, which suggests that the FBI may not have followed up with VR Systems in 2016 about the nature of the threat they faced,” the senators wrote.

Two high-profile U.S. senators have taken a keen interest in a small Florida-based election tech company that may have unwittingly been used by Russian hackers to interfere with the U.S. presidential election in 2016. Senators Ron Wyden (D-OR) and Amy Klobuchar (D-MN) on Wednesday sent a letter to FBI director Christopher Wray asking for more information about the agency’s interactions with Tallahassee, Florida-based VR Systems, which makes the “pollbook” devices used by counties in eight states around the country to verify the eligibility of voters arriving at the polls. The senators emphasized that “Congress and the American people still do not have a complete picture of the federal government’s efforts to detect and defend against this attack against our democracy.” VR Systems was referenced–first in a leaked 2018 NSA report, then in the Mueller report–as the “U.S. Vendor” or “Vendor 1,” targeted in a GRU (Russian military) spearfishing attack that took place between August and November of 2016. The FBI and the NSA believe the GRU may have been trying to access the email addresses of VR Systems’ county election board end users, then send malicious code to those users that could alter the behavior of the company’s voter check-in hardware and software on election day.

More than two and a half years after the fact, the Feds are finally going to investigate the failure of voter registration software – from a ­company that had been cyber-attacked by Russians just days before the November 2016 US presidential election – in the swing state of North Carolina. Politico has reviewed a document and spoken to somebody with knowledge of the episode, both of which suggest that the vendor, VR Systems, “inadvertently opened a potential pathway for hackers to tamper with voter records in North Carolina on the eve of the presidential election.” Specifically, VR Systems used remote-access software to connect for several hours to a central computer in Durham County so as to troubleshoot problems with the company’s voter registration software. In fact, election officials would come to find out that this was common practice, according to Politico’s source, in spite of the fact that election technology security experts agree that it opens up systems to hacking.

A Florida-based maker of voter registration software says it has proof that neither its employees’ email accounts nor its systems were penetrated in a Russian cyberattack in 2016 — an attack that could have allowed hackers to prevent voters from casting ballots during the presidential election if successful. The company, VR Systems, said in a letter to Sen. Ron Wyden (D-Ore.) this month that an analysis by a cybersecurity firm found that it had not been breached, despite allegations to the contrary in special counsel Robert Mueller’s report on Russian election interference. Mueller’s report said Russian hackers installed malware on the network of an unnamed voting technology company. A leaked National Security Agency document published by The Intercept contained details that indicate VR Systems was the most likely victim. Furthermore, in its letter to Wyden, the company admits to receiving so-called “spearphishing emails” in 2016. In the letter, VR Systems responded to questions from the senator about whether computer forensic experts or a government agency had examined the company’s computers and networks after the phishing campaign occurred.

The Department of Homeland Security has finally agreed to conduct a thorough inspection of election equipment used in North Carolina that was supplied by a vendor whose system was targeted by Russian hackers in 2016. It has been three years since the machines — laptops used to check in voters in Durham County — malfunctioned on Election Day, telling voters that they had already voted, even though they had not. The county took the laptops out of service that day and switched to using paper poll books, but what caused the problem has remained a mystery. It’s one of several remaining questions about what happened in the 2016 elections, the answers to which could help the U.S. protect itself against future cyberattacks. “This support may help to provide a better understanding of previous issues and help to secure the 2020 elections,” said Sara Sendek, a DHS spokesperson. She added that the agency “has no information that there is any previous or ongoing issues regarding elections systems” in the state.

A Florida election software company targeted by Russians in 2016 inadvertently opened a potential pathway for hackers to tamper with voter records in North Carolina on the eve of the presidential election, according to a document reviewed by POLITICO and a person with knowledge of the episode. VR Systems, based in Tallahassee but with customers in eight states, used what’s known as remote-access software to connect for several hours to a central computer in Durham County, N.C., to troubleshoot problems with the company’s voter list management tool, the person said. The software distributes voter lists to so-called electronic poll books, which poll workers use to check in voters and verify their eligibility to cast a ballot. The company did not respond to POLITICO’s requests for comment about its practices. But election security experts widely condemn remote connections to election-related computer systems — not only because they can open a door for intruders but because they can also give attackers access to an entire network, depending on how they’re configured.

Sen. Ron Wyden (D-Ore.) has questions that a lot of people are still asking three years after the 2016 presidential race — what exactly happened with VR Systems, the Florida voter-registration software maker that the FBI apparently believes Russia hacked. The redacted version of special counsel Robert Mueller’s report indicated that in 2016 Russian hackers infiltrated a US maker of voter-registration software and installed malware on its network — information that was based on an FBI investigation. Furthermore, the 2017 indictment of Russian military officers for hacking Democratic computer systems that was based on the FBI investigation as well also asserted that a company fitting VR Systems’ description was hacked in 2016 and had malware installed on its network.. VR Systems, however, has long insisted it wasn’t hacked, though the company has never produced evidence showing it wasn’t compromised. Wyden wants to know whether the company ever engaged a third party to conduct a forensic examination of its computer networks and systems since the hacking assertions first came to light after the 2016 election and has asked to see a copy of a report from any such investigation, according to a letter he sent last week to VR Systems that his office shared with POLITICO.

Gov. Ron DeSantis met with the FBI and the U.S. Department of Homeland Security last week to discuss the revelation in the Mueller report that “at least one” Florida county had its election information accessed by Russian hackers in 2016. On Tuesday, DeSantis told reporters that he had been briefed on that breach — which actually happened in two counties in Florida — but that he couldn’t share which counties had been the target. “I’m not allowed to name the counties. I signed a (non)disclosure agreement,” DeSantis said, emphasizing that he “would be willing to name it” but “they asked me to sign it so I’m going to respect their wishes.”

The FBI will brief Florida’s congressional members this week on Russian attempts to hack the 2016 election, after the Mueller report revealed last month that the election system of at least one Florida county was compromised. But even before details emerge, a former supervisor of elections in Florida is saying he is not surprised that the state’s system was compromised. Ion Sancho, the longtime former supervisor of elections of Leon County, said Friday on The Florida Roundup that Florida’s election infrastructure is, frankly, “not secure.” “It’s been clear to me that the election infrastructure, not only in Florida but in the country, is not secure,” he said.

Silent so far on new information that Russian hackers may have phished their way into a local elections office, the FBI has agreed to meet next month with Florida officials to brief them on the topic. Gov. Ron DeSantis and U.S. Sen. Rick Scott each said Thursday that the FBI has reached out about scheduling a meeting within the next few weeks to discuss elections hacking. Both the current and former governor have been critical of federal authorities for remaining silent in the weeks since Robert Mueller’s Russian elections interference report said the FBI believes Russian hackers were able to “gain access” to “at least one” Florida county government computer network. “They won’t tell us which county it was. Are you kidding me? Why would you not say something immediately?” DeSantis said Thursday in Miami, where he made an appearance to name two new members of the Third District Court of Appeal. “We’re looking for answers. I think finally next week we’re going to get somebody, or maybe the week after we’re going to have somebody come brief us on what happened.” DeSantis’ office did not provide additional details about the meeting, and the FBI did not immediately respond to a request for comment.

The North Carolina State Board of Elections is asking a voting software company if it was hacked by Russian cyber attackers in 2016. The NCSBE wants to know if VR Systems is “Vendor 1” in the Mueller report. The report indicates that russian intelligence successfully “installed malware on the company network.” The letter from NCSBE asks VR Systems for “immediate, written assurance regarding the security” of its network. Nearly two dozen counties in the state used VR Systems in 2016, including Mecklenburg. “What we use it for on is the back end so that we can record provisional ballots, transfers, that sort of stuff that allows us to do it uniformly through 195 different precincts,” Mecklenburg County Board of Election Director Michael Dickerson said. VR Systems is based in Tallahassee and used to have an office in Matthews. Emails to the company were not returned.

North Carolina elections officials want to know whether an unnamed voting technology company that Robert Mueller’s report says was compromised by Russian hackers is the same firm that supplies poll book software to more than a dozen counties across the state. In a letter to VR Systems sent Thursday afternoon, State Board of Elections General Counsel Josh Lawson asked the company to provide “immediate, written assurance” about the security of its products, which came under fire two years ago when a leaked intelligence report named the company as the target of a Russian hacking attempt known as “spearphishing.” Mueller’s report, released in a redacted form Thursday morning, notes that, in August 2016, Russian intelligence officers targeted a “voting technology company that developed software used by numerous U.S. counties to manage voter rolls,” installing malicious code on the company’s network. The name of the firm is blacked out due to “personal privacy” exemptions. Lawson said, based on the leaked intelligence report and a separate 2017 federal indictment, that VR Systems was a target of the GRU, the Russian military intelligence agency.

Voting in the United States is highly decentralized—and in many ways that’s a good thing when it comes to security. Having different regions operate their own elections and count their own votes makes it harder for someone to forge, compromise, or change a large number of votes all at once. But that decentralization also means that individual states, counties, or districts are also often free to make bad decisions about what kind of voting technology to use—and it’s surprisingly hard to stop them. Earlier this week, North Carolina’s state elections board made a last-ditch attempt to convince a judge to prohibit counties in the state from using voting software manufactured by VR Systems on the grounds that the board hadn’t officially certified the software since 2009. On Monday—the day before Election Day—that attempt failed when Superior Court Judge Paul Ridgeway declined to intervene.